Details of VAR-202410-1835

ID

VAR-202410-1835

CVE

CVE-2024-47747

TITLE

Linux of Linux Kernel Vulnerability in using free memory in

Trust: 0.8

sources: JVNDB: JVNDB-2024-011214

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to &prev(dev)->timer. Once the timer is started, there is a risk of a race condition if the module or device is removed, triggering the ether3_remove function to perform cleanup. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | ether3_ledoff ether3_remove | free_netdev(dev); | put_devic | kfree(dev); | | ether3_outw(priv(dev)->regs.config2 |= CFG2_CTRLO, REG_CONFIG2); | // use dev Fix it by ensuring that the timer is canceled before proceeding with the cleanup in ether3_remove. Linux of Linux Kernel Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues

Trust: 2.16

sources: NVD: CVE-2024-47747 // JVNDB: JVNDB-2024-011214 // CNVD: CNVD-2025-19350

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	lt	version:	6.11.2	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	6.11	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.16	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	6.6.54	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	6.10.13	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.11	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	6.1.113	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	6.7	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	6.2	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.15	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.10.227	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.15.168	Trust: 1.0
vendor:	linux	model:	kernel	scope:	eq	version:	6.11 that's all 6.11.2	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	5.11 that's all 5.15.168	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	5.16 that's all 6.1.113	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	-	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	6.2 that's all 6.6.54	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	6.7 that's all 6.10.13	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	4.15 that's all 5.10.227	Trust: 0.8
vendor:	siemens	model:	ruggedcom rst2428p	scope:	lt	version:	v3.2	Trust: 0.6
vendor:	siemens	model:	scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 family	scope:	lt	version:	v3.2	Trust: 0.6
vendor:	siemens	model:	scalance xcm-/xrm-/xch-/xrh-300 family	scope:	lt	version:	v3.2	Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011214 // NVD: CVE-2024-47747

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-47747
value:	HIGH
Trust: 1.0
NVD:	CVE-2024-47747
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-19350
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-19350
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2024-47747
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2024-47747
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011214 // NVD: CVE-2024-47747

PROBLEMTYPE DATA

problemtype:	CWE-416	Trust: 1.0
problemtype:	Use of freed memory (CWE-416) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-011214 // NVD: CVE-2024-47747

PATCH

title:	Fix use after free vulnerability in ether3 Driver Due to Race Condition (d2abc37) Linux Kernel	url:	https://git.kernel.org/stable/c/1c57d61a43293252ad732007c7070fdb112545fd	Trust: 0.8
title:	Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlier	url:	https://www.cnvd.org.cn/patchInfo/show/723061	Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011214

EXTERNAL IDS

db:	NVD	id:	CVE-2024-47747	Trust: 2.6
db:	SIEMENS	id:	SSA-355557	Trust: 1.6
db:	SIEMENS	id:	SSA-265688	Trust: 1.0
db:	JVN	id:	JVNVU92169998	Trust: 0.8
db:	ICS CERT	id:	ICSA-25-226-07	Trust: 0.8
db:	JVNDB	id:	JVNDB-2024-011214	Trust: 0.8
db:	CNVD	id:	CNVD-2025-19350	Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011214 // NVD: CVE-2024-47747

REFERENCES

url:	https://cert-portal.siemens.com/productcert/html/ssa-355557.html	Trust: 1.6
url:	https://git.kernel.org/stable/c/d2abc379071881798d20e2ac1d332ad855ae22f3	Trust: 1.0
url:	https://git.kernel.org/stable/c/77a77331cef0a219b8dd91361435eeef04cb741c	Trust: 1.0
url:	https://cert-portal.siemens.com/productcert/html/ssa-265688.html	Trust: 1.0
url:	https://git.kernel.org/stable/c/1c57d61a43293252ad732007c7070fdb112545fd	Trust: 1.0
url:	https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html	Trust: 1.0
url:	https://git.kernel.org/stable/c/25d559ed2beec9b34045886100dac46d1ad92eba	Trust: 1.0
url:	https://git.kernel.org/stable/c/b5109b60ee4fcb2f2bb24f589575e10cc5283ad4	Trust: 1.0
url:	https://git.kernel.org/stable/c/516dbc6d16637430808c39568cbb6b841d32b55b	Trust: 1.0
url:	https://git.kernel.org/stable/c/b5a84b6c772564c8359a9a0fbaeb2a2944aa1ee9	Trust: 1.0
url:	https://git.kernel.org/stable/c/338a0582b28e69460df03af50e938b86b4206353	Trust: 1.0
url:	https://git.kernel.org/stable/c/822c7bb1f6f8b0331e8d1927151faf8db3b33afd	Trust: 1.0
url:	https://jvn.jp/vu/jvnvu92169998/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-47747	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07	Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011214 // NVD: CVE-2024-47747

SOURCES

db:	CNVD	id:	CNVD-2025-19350
db:	JVNDB	id:	JVNDB-2024-011214
db:	NVD	id:	CVE-2024-47747

LAST UPDATE DATE

2026-06-18T18:53:17.698000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-19350	date:	2025-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2024-011214	date:	2025-09-09T01:41:00
db:	NVD	id:	CVE-2024-47747	date:	2026-05-12T12:17:16.323

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-19350	date:	2025-08-12T00:00:00
db:	JVNDB	id:	JVNDB-2024-011214	date:	2024-10-28T00:00:00
db:	NVD	id:	CVE-2024-47747	date:	2024-10-21T13:15:04.753